GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,267 advisories
A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware...
Critical
Unreviewed
CVE-2018-1144
was published
May 13, 2022
A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware...
Critical
Unreviewed
CVE-2018-1143
was published
May 13, 2022
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
Critical
Unreviewed
CVE-2018-10660
was published
May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 1 of...
Critical
Unreviewed
CVE-2018-11143
was published
May 13, 2022
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8...
Critical
Unreviewed
CVE-2018-11138
was published
May 13, 2022
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host...
Critical
Unreviewed
CVE-2018-10562
was published
May 13, 2022
PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b contains an Improper...
Critical
Unreviewed
CVE-2018-1000885
was published
May 13, 2022
'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is...
Critical
Unreviewed
CVE-2017-9828
was published
May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
Critical
Unreviewed
CVE-2017-9483
was published
May 13, 2022
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster...
Critical
Unreviewed
CVE-2017-9328
was published
May 13, 2022
Untrusted input execution via igetwild in all iRODS versions before 4.1.11 and 4.2.1 allows other...
Critical
Unreviewed
CVE-2017-8799
was published
May 13, 2022
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow...
Critical
Unreviewed
CVE-2017-8220
was published
May 13, 2022
The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and...
Critical
Unreviewed
CVE-2017-8116
was published
May 13, 2022
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload...
Critical
Unreviewed
CVE-2017-8051
was published
May 13, 2022
QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via...
Critical
Unreviewed
CVE-2017-6361
was published
May 13, 2022
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and...
Critical
Unreviewed
CVE-2017-6359
was published
May 13, 2022
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain...
Critical
Unreviewed
CVE-2017-6360
was published
May 13, 2022
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible...
Critical
Unreviewed
CVE-2017-6182
was published
May 13, 2022
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10...
Critical
Unreviewed
CVE-2017-4053
was published
May 13, 2022
The Lenovo Service Framework Android application executes some system commands without proper...
Critical
Unreviewed
CVE-2017-3761
was published
May 13, 2022
A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before...
Critical
Unreviewed
CVE-2017-18044
was published
May 13, 2022
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell...
Critical
Unreviewed
CVE-2017-16926
was published
May 13, 2022
Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because...
Critical
Unreviewed
CVE-2017-15226
was published
May 13, 2022
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV....
Critical
Unreviewed
CVE-2017-14429
was published
May 13, 2022
In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified...
Critical
Unreviewed
CVE-2017-14100
was published
May 13, 2022